cents← Privacy & Safety

Data Retention & Disposal Policy

Effective May 2026 · Reviewed annually

Purpose

This policy defines what data Cents retains, for how long, and how it is permanently deleted when you disconnect a bank account or close your account. Cents retains data only for as long as necessary to provide the service.

What we retain and for how long

Email address and hashed password

Duration of active account

Required to authenticate the user

Financial goals, income, and budget data

Duration of active account

Core application functionality

Plaid access token

Until bank is disconnected or account is closed

Required for read-only bank connectivity; deleted and revoked on disconnect

Bank institution name and Plaid account IDs

Until bank is disconnected or account is closed

Required to identify connected accounts; deleted on disconnect

24-hour balance snapshot

Refreshed every 24 hours; deleted on disconnect or account closure

Used to display current balances; not retained as historical data

Earned collectible metadata

Duration of active account

Application feature; no financial data involved

One-time login code (OTP)

Maximum 10 minutes; deleted immediately on use or expiry

Single-use authentication; never retained after verification

What we never store

  • Bank usernames or passwords
  • Account numbers or routing numbers
  • Card numbers or CVVs
  • Transaction history
  • Balance history over time
  • Social Security Numbers or government-issued identification

How deletion works

Disconnecting a bank account

When you disconnect a bank, two things happen simultaneously: the Plaid access token is deleted from our database, and we call Plaid's itemRemove API to revoke it at Plaid's end. All associated account metadata and the balance snapshot are also deleted immediately.

Closing your account

Email jonathanfarhat@gmail.comto request full account deletion. All data — goals, budget, income, Plaid connections, and collectibles — is permanently deleted within 5 business days. You'll receive an email confirmation when it's done.

Backups

Our database provider (NeonDB) retains automated backups for 30 days. After that window, deleted data is permanently and unrecoverably purged. Cents does not maintain any independent backups.

Your rights

You have the right to access, correct, or delete any personal data Cents holds about you. Submit any request to jonathanfarhat@gmail.com and we will respond within 30 days.

Last updated May 2026 · Cents by Jonathan Farhat

Privacy & Safety·Home